1. Field
Various features generally relate to security protocols and devices, and more particularly to security protocols and devices for unified near field communication (NFC) infrastructures.
2. Background
NFC is a set of short-range wireless technologies, typically requiring a distance of 10 cm or less. NFC operates at 13.56 MHz on ISO/IEC 18000-3 air interface and currently at rates ranging from 106 kbit/s to 424 kbit/s. NFC involves an initiator and a target. NFC targets may contain memory circuits that can store data that may be read and/or written to by NFC initiators. The initiator actively generates a radio frequency (RF) field that can power the NFC target, which is frequently a passive device having no power source of its own. Such passive NFC targets may thus take very simple form factors such as tags, stickers, or cards that do not require batteries.
One common use for NFC applications is to issue NFC target cards that contain information pertinent to a specific application, service, or purpose. A user may thus carry many different NFC cards each storing information associated with a different application, service, or purpose. Doing so may indeed prove cumbersome though, especially for those users carrying many cards.
Consequently, unified NFC card architectures have been proposed where a single NFC card stores information pertinent to many different applications, services, and purposes. For example, a unified NFC card may store a user's birthdate, social security number, phone number, age, address, account information associated with different services or merchants, credit card numbers, merchant/service rewards program card information, etc. The ability to store a variety of information on a single NFC card may be of great practical benefit to a user who ordinarily may have had to store such information on separate, individual NFC cards.
However, a security problem arises for unified NFC cards where the NFC initiator associated with a specific application, service, or purpose interrogates the NFC card to obtain information pertinent to it but rather, or in addition to such pertinent information, the initiator intentionally or unintentionally obtains data stored on the NFC card that is not associated to the initiator. For example, an NFC initiator associated with a supermarket may interrogate a user's NFC card with the intention of obtaining their supermarket rewards card number. In addition to this data, the NFC initiator may be able to read data unrelated to the supermarket account number including, for example, phone numbers, addresses, social security numbers, driver's license numbers, etc. and any other sensitive data that is stored on the NFC card.
Another security problem deals with NFC card “cloning.” A nefarious third party may attempt to clone an original NFC card by copying all the data off it onto another imposter NFC card not associated with the original NFC card's user. The nefarious third party may then attempt to pass the cloned, imposter NFC card off as the original thereby potentially gaining access to things and services they shouldn't.
There is a need for security protocols and devices for unified NFC target architectures that provide security for the various types of data that may be stored on NFC targets. Specifically, there is a need for security protocols and devices that help prevent entities, such as services and merchants, from accessing sensitive data stored on NFC targets that is not associated with them or should otherwise be inaccessible. Additionally, there is a need for security protocols and devices that help thwart card cloning. Moreover, there is also a need for security protocols and devices that provide mutual authentication of both the NFC targets and the services providers/merchants, thereby allowing service providers and merchants to verify the identity of an NFC target before providing sensitive data to the NFC target.